ANONYMOUS FILE SHARING BY TOR’S DARKNET & ONION SHARE

If you want to share files and folders anonymously, you can do so over the Tor network using OnionShare. This simple to use application lets you transfer files of any size. You can even monitor the download progress of the file.

There are a number of ways using which you can share files on the internet. Google Drive, Dropbox, and other cloud storage options are among the first preferences. Then comes the turn for platforms like BitTorrent which allow the users to break the size barrier. But all of these file sharing options fall short regarding anonymity. That means it is possible to know the details of what is being shared.

OnionShare is the solution providing the anonymity cover to the users while sharing files over the internet in a P2P fashion. It uses the Tor network and allows the user to share files anonymously.

OnionShare uses TOR’s network to share files. So, you must have Tor browser running on your machine. You can download Tor browser using this link.

After downloading, run the EXE file and extract the Tor Browser folder somewhere, preferably on your desktop. Now, run ‘Start Tor Browser’ shortcut file present in the folder.

How to use OnionShare to transfer files over Tor network?

• You can download OnionShare from its official website. It is available for Windows, MacOS, and Linux operating systems.
• Install OnionShare by following the steps. It’s the usual next, next, next.
• Now, open the OnionShare app from the start menu

• You can use the Add Folder and Add Files options, or drag the files directly into the app.
• Now, click Start Sharing. The app will automatically generate a .onion link.

• To share the file with anyone, just send the link using any means, like email, etc.

The download link will only work if the person uses Tor browser to open it. Once the file download starts, you can see the progress in the app itself. Moreover, if you want to share the file(s) with more people, untick the checkbox for Stop sharing automatically.

Micah Lee created OnionShare after the ex-NSA contractor Edward Snowden leaked confidential documents. Lee is a board member of the Freedom of Press Foundation and writes for The Intercept.

You can know more about OnionShare on Github.

If you have something to add, tell us in the comments below.

Read More

LazyKali Kali-Linux tutorial

LazyKali is an awesome script written in bash shell. It can automate the whole update and install new tools in your hack repository. As the name suggests, you can get all the updates on Kali Linux and your repositories in one place by running this script.

Disclaimer – Our tutorials are designed to aid aspiring pen testers/security enthusiasts in learning new skills, we only recommend that you test this tutorial on a system that belongs to YOU. We do not accept responsibility for anyone who thinks it’s a good idea to try to use this to attempt to hack systems that do not belong to you

LazyKali adds quite a few tools to Kali Linux.

• Bleeding Edge Repos
• AngryIP Scanner
• Terminator
• Xchat
• Unicornscan
• Nautilus Open Terminal
• Simple-Ducky
• Subterfuge
• Ghost-Phisher
• Yamas
• PwnStar
• Ettercap0.7.6
• Xssf
• Smbexec
• Flash
• Java
• Easy-Creds
• Java

… and more!

Lazy-Kali will also update Kali, Start Metaploit Services, Start Stop And Update Open-Vas

This is the first version, script is self updating so more will be added in a short time.

* Warning: Disable firewall or Internet Security application if your Kali Linux is installed in a virtual machine.

To install the script on Kali Linux, run

./lazykali.sh

on root terminal window. If you get a message Permission Denied, then first type:

chmod +x lazykali.sh

and

./lazykali.sh

if the script is not installed it may prompt you to install. Type Y to install the script.

Once the script is installed, it will check the version. If the version is old, allow it to update by typing Y.

Once execute, you will get a command line interface. Check the below screenshot of the tool.

If Kali Linux is not updated, then type 1 to update Kali Linux. Once it is updated, type 6 to check available tools that LazyKali offers you.

Type 3 to install Hackpack. It will prompt you to install Hackpack. Type Y to install Hackpack.

Now click on Applications on the top left corner of Kali Desktop and you will find Hackpack tab.

One advantage of LaziKali is that you can modify the code and add some extra tools to this script to save time and effort.

Read More

CODE INJECTION ATTACKS

Like buffer overflows in system code, injection attacks have been a dangerous problem in the web world for many years, and like buffer overflows, there are several different types of code injection attacks.

Most recent web applications depend on the use of interpreted programming languages and back-end databases to collect data and generate dynamically driven content to the user. There are many popular interpreted programming languages in use today including PHP, JavaScript, Active Server Pages, SQL, Python, and countless others.

An interpreted language differs from a compiled language because the interpreted language generates machine code just before it is executed. Compiled programming languages need the programmer to compile the source code and generate an executable (.exe) file. In this situation, once the program is compiled, the source code cannot be modified unless it is recompiled and the new executable is redistributed.

Understanding what an interpreted language is and how it works is the key to understanding injection attacks. Understanding that user input will usually be used to build code that is executed on the target system, injection attacks concentrate on submitting, sending, and manipulating user-driven input. The purpose of sending manipulated input or queries to a target is to get the target to execute unintended commands or return unintended information back to the attacker.

The typical example of an injection attack is SQL injection. SQL is a programming language that is used to interact with and manipulate data in a database. Using SQL, a user can read, write, modify, and delete data saved in the database tables.

Read More

What is Linux Kernel? Explained in Layman’s Terms

There are so many Linux distributions out in the wild, but there is only one de facto thing that they have in common: the Linux kernel. But while it’s often talked about, a lot of people don’t really know exactly what it does.

Let’s take a look at what the Linux kernel really does and why it’s needed, with as few geeky terms as possible.

What’s a Kernel?

Each operating system uses a kernel. Without a kernel, you can’t have an operating system that actually works. Windows, Mac OS X, and Linux all have kernels, and they’re all different. It’s the kernel that also does the grunt work of the operating system. Besides the kernel, there are a lot of applications that are bundled with the kernel to make the entire package something useful — more on that a bit later.

The kernel’s job is to talk to the hardware and software, and to manage the system’s resources as best as possible. It talks to the hardware via the drivers that are included in the kernel (or additionally installed later on in the form of a kernel module). This way, when an application wants to do something (say change the volume setting of the speakers), it can just submit that request to the kernel, and the kernel can use the driver it has for the speakers to actually change the volume.

The kernel is highly involved in resource management. It has to make sure that there is enough memory available for an application to run, as well as to place an application in the right location in memory. It tries to optimize the usage of the processor so that it can complete tasks as quickly as possible. It also aims to avoid deadlocks, which are problems that completely halt the system when one application needs a resource that another application is using. It’s a fairly complicated circus act to coordinate all of those things, but it needs to be done and that’s what the kernel is for.

What Else Makes Up An Operating System?

Like I mentioned earlier, operating systems include their own kernel along with a bunch of other applications. With just a kernel, it’s nearly impossible to do anything with the operating system. You also need some other applications to be bundled with it, such as a shell. The shell is responsible for displaying the prompt that you see in terminals or command lines. Shells are a much easier way to launch applications, navigate through folders, and much more. All of those tasks that you can do in a shell are supported via other applications that must be bundled as well. For example, the tar application is needed if you’re working with tarballs in a shell.

Operating systems, particularly Linux distributions, then continue to bundle more applications, such as a desktop environment, a web browser, an office suite, and other applications that you often interact with directly. So as you can see, the kernel is just a very small portion of an operating system, but it’s arguably the most crucial one.

Linux History

How long has the Linux kernel been around? It was first created by a Finnish student named Linus Torvalds in 1991. He sent out an email to a mailing list saying, “Hello everybody out there using minix — I’m doing a (free) operating system (just a hobby, won’t be big and professional like gnu) for 386 (486) AT clones.” Over the course of over two decades, the hobby operating system has turned into a major piece of software that now powers millions of devices all over the world.

During this time, Linus decided to license the kernel using the GPL license, meaning that it was open source. People were free to look at the code, modify it to their needs, and then distribute it to others (under the same license).

Hope you like this article.

Read More

5 MOST SECURE WEB-BROWSER FOR ANDROID

                                                   5 MOST SECURE WEB-BROWSER FOR ANDROID

1. Firefox Focus

It comes with the robustness of Mozilla, it’s a fast web browser which shields your privacy. You delete the browsing history and cache with a single tap. You can even block the content trackers but that might break webpages.

It has a feature called “Stealth Mode” which is toggled on by default. It prevents you from taking screenshots in the app. Just in case you want to take a screenshot, you’ll have to disable this feature first. Downside is only one tab to be opened at a time, but it does block all trackers – advertising, social, and analytics.

2. Yandex Browser

It is based on Chromium. Boasting an active security system called “Protect” that shields your privacy on public WiFi networks. You can add extensions that opens lot of opportunities like ad-blocking. It offers features like incognito mode, view pages in desktop mode, and webpage translation, Yandex has the potential to be the default browser on your smartphone.

You can save webpages as a PDF. Additionally it has a section named “Yandex Zen” that displays news feed on main screen.

3. Orfox – Tor Browser For Android

Orfox is is built upon Tor Browser. It has a feature called “HTTPS Everywhere” that forces the HTTPS protocol of any website, that is if it has one. For extra security, orfox  can be locked using a password and in the private browsing mode all the trackers get disabled automatically. Furthermore, it disallows you to take screenshots anywhere in the browser.

Additionally you can also proxy the traffic, you’ll need to install Orbot for that. It also comes with the option to clear all data on exit and allows you to install add-ons.

4. Ghostery Privacy Browser

It is a browser that focuses mostly on privacy. Taking in consideration, you don’t have to compromise with your security either. You get the option to block the trackers, auto-complete and pop-up blocking by default.

You also get features which always block cookies and clear traces like browsing history, cookies, and cache on exit. It has a “Ghost Mode” which is similar to Chrome’s Incognito mode and is currently in its beta state.

5. Javelin Browser

This one takes your security to the next level. It let’s you browse the Internet while being incognito always. It has a “Spirit” mode which gives a super-fast private proxy tunnel (VPN) and private browsing that hides your online activity from firewalls.

Additionally it turns on a private proxy server whenever you visit a blocked website, making browsing experience seamless.

Read More

HACKING THE HACKER – LEARN FROM THE EXPERTS WHO TAKE DOWN THE HACKERS EBOOK

Hacking The Hacker

Description

Meet the world’s top ethical hackers and explore the tools of the trade

Hacking the Hacker takes you inside the world of cybersecurity to show you what goes on behind the scenes, and introduces you to the men and women on the front lines of this technological arms race. Twenty-six of the world’s top white hat hackers, security researchers, writers, and leaders, describe what they do and why, with each profile preceded by a no-experience-necessary explanation of the relevant technology.  Dorothy Denning discusses advanced persistent threats, Martin Hellman describes how he helped invent public key encryption, Bill Cheswick talks about firewalls, Dr. Charlie Miller talks about hacking cars, and other cybersecurity experts from around the world detail the threats, their defenses, and the tools and techniques they use to thwart the most advanced criminals history has ever seen. Light on jargon and heavy on intrigue, this book is designed to be an introduction to the field; final chapters include a guide for parents of young hackers, as well as the Code of Ethical Hacking to help you start your own journey to the top.

Cybersecurity is becoming increasingly critical at all levels, from retail businesses all the way up to national security. This book drives to the heart of the field, introducing the people and practices that help keep our world secure.

• Go deep into the world of white hat hacking to grasp just how critical cybersecurity is
• Read the stories of some of the world’s most renowned computer security experts
• Learn how hackers do what they do—no technical expertise necessary
• Delve into social engineering, cryptography, penetration testing, network attacks, and more

As a field, cybersecurity is large and multi-faceted—yet not historically diverse. With a massive demand for qualified professional that is only going to grow, opportunities are endless. Hacking the Hacker shows you why you should give the field a closer look.

Click here to download

Read More

HACKING: HOW TO HACK COMPUTERS, BASIC SECURITY AND PENETRATION TESTING EBOOK

How to Hack Computers, Basic Security and Penetration Testing

Table of Contents
Introduction
Chapter 1 Introduction to Hacking
Chapter 2 The Rules of Ethical Hacking
Chapter 3 What Hackers See During a Sweep
Chapter 4 Understanding Basic Security Systems
Chapter 5 Where Hackers Attack
Chapter 6 Understanding Social Engineering
Chapter 7 Protecting your Passwords
Chapter 8 Hacking Skills: Learn Programming
Chapter 9 Hacking Skills: Open-sources
Chapter 10 Hacking Skills: Proper Writing
Chapter 11 Creating A Status in the Hacker Culture
Chapter 12 Hacker and Nerd
Chapter 13 Concept of Free Access in Hacking
Chapter 14 Culture of Sharing
Chapter 15 Hacking as a Community and Collaborative Effort
Chapter 16 Ethical Hacking
Chapter 17 Hacking for Free Internet
Chapter 18 Securing Your Network
Chapter 19 Dealing with Fake Wi-Fis
Chapter 20 Hacking Facebook
Chapter 21 Understanding a Denial of Service Attack
Chapter 22 Introduction to Digital Forensics
Chapter 23 Windows Registry and Forensics
Chapter 24 Going Undercover in Your Own Network

Click Here to Download

Read More

Russian Hacker Exploits GTA 5 PC Mod to Install Cryptocurrency Miner

Gamers were delighted with the release of world’s second most popular video game Grand Theft Auto V (GTA 5) released by Rockstar North. It was in every way a modder’s dream as while playing the game it allowed gamers to change the base game to a great extent. However, with the high profile and extreme popularity of the game, cybercriminals were bound to identify ways of exploiting and benefitting from it. And, cryptocurrency mining being the latest fad among hackers is the primary mode of exploitation of GTA 5.

According to researchers, a mod maker going by the online handle of ‘Anton’ is reportedly distributing malware into the GTA 5 mods. The young, Russian speaking cybercriminal is apparently trying to hijack the computer power secretly to mine cryptocurrency. The mod maker of GTA 5 was discovered by researchers at Minerva Labs, a cybersecurity firm.

As per their findings, the Arbuz GTA 5 mod was utilized as the source of distribution of malware whereas Anton was found to be using malware WaterMiner for mining cryptocurrency. WaterMiner is a modified version of the authentic open-source XMRig miner. Through the malware, Anton successfully harvests Monero coins. All this is done without alarming the mod user.

Arbuz means watermelon in the Russian language that’s why researchers call have labeled the malware as WaterMiner. The malware is capable of evading all sorts of detection tools and also can hide from being identified by the Windows Task Manager tool or other monitoring services that are meant to keep tabs on computer resources. In case WaterMiner identifies that a computer monitoring tool is trying to detect it, the malware instantly aborts the process and shuts down mining after which it goes into hibernation.

A developer using the alias Martin 0pc0d3r is responsible for creating WaterMiner. Researchers were able to locate the developer because the developer has implemented poor track covering measures. It was due to the same careless attitude that researchers could trace Anton. The aim of Anton was to capitalize on the in-demand games in Russia and that’s why he hid the malware in the fiercely popular GTA 5 game. We suggest that you be cautious while installing mods and the platforms from where you download them in order to stay protected.

Anton, for your information, has become quite popular with his Twitter rants where he claims to have the immense hacking expertise and boasts about his experience as a hacker. The researchers noted that “It is clear that we are not dealing with an experienced cybercriminal.”

Minerva researchers are expecting more fireworks from Anton, and other hackers as the trend of employing malware based miners gain momentum. “It seems that Monero also attracts resourceful individuals who are not the classic attackers we might imagine as criminal masterminds, just like Alaska lured many unskilled miners during the gold rush,” stated the researchers at Minerva.

In a tweet, FiveM, a modification framework for GTA V said that they had issued a security update just to stop users from adding miners to their code. But it looks like things are already out of control.

 Follow

FiveM @_FiveM

A minor FiveM update has been released with some small fixes, and blocking of 'coinhive' mining services. Thanks for the reports!

9:34 PM - Oct 1, 2017

•  66 Replies
 
•  11 Retweet
 
•  2323 likes

Twitter Ads info and privacy

The trend of using Cryptocurrency minors is at peak. It was The Pirate Bay that was caught secretly using Coin Hive’s script to mine Monero digital coins. After that, researchers discovered that there are more than 500 websites are currently mining cryptocurrency without user consent.

Read More